On 11/05/2012 01:51 PM, Tim Hughes wrote: > > I am trying to migrate from a fedora-ds-1.1.2-1.fc6 server to > ipa-server-2.2.0-16.el6.x86_64 with the following command > > > ipa migrate-ds ldaps://fedora-ds-server.internal --continue > --with-compat --base-dn=dc=custsvc,dc=mycompany > --user-container=ou=People,ou=custsvc,dc=co,dc=mycompany > --group-container=ou=Groups,ou=custsvc,dc=co,dc=mycompany >
You are using ldaps but there is no cert info defined to connect to fedora-DS with SSL. Did you mean ldap://... ? > > I get the following response. > > > ipa: DEBUG: approved_usage = SSLServer intended_usage = SSLServer > ipa: DEBUG: cert valid True for "CN=ipa-server.internal,O=CO.MYCOMPANY" > ipa: DEBUG: handshake complete, peer = 192.168.10.6:443 > <http://192.168.10.6:443> > ipa: DEBUG: Caught fault 4203 from server > http://ipa-server.internal/ipa/xml: Can't contact LDAP server: TLS > error -8172:Peer's certificate issuer has been marked as not trusted > by the user. > ipa: DEBUG: Destroyed connection context.xmlclient > ipa: ERROR: Can't contact LDAP server: TLS error -8172:Peer's > certificate issuer has been marked as not trusted by the user. > > > I am trying to work out which certificate is not trusted and how I > should make it trusted. Any help would be appreciated. > > > Tim Hughes > mailto:[email protected] <mailto:[email protected]> > > > > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users -- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
